Ack, my WordPress suffers connectile dysfunction on a fresh install of RedHat 5! Not only did I get the above message, but dmesg was filling up with errors like this:
audit(1179258445.529:38): avc: denied { name_connect } for pid=3332 comm=“httpd” dest=3306 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
It turns out that I was getting stung by SELinux, which is enabled by default in RedHat 5. All the extra security is probably a good idea, if I knew how to configure it, but for the moment it was breaking a live site.
So I (well, Cliffy, Al, and I), took the short cut and set SELINUX=permissive in /etc/sysconfig/selinux (we could have gone with SELINUX=disabled, but this will help us learn…while we watch it fill our log files).
None of this would be a problem, likely, if I wasn’t using a remote MySQL server, but….
SELinux, RedHat 5, mysql blocked, connection problem, disable selinux
Posted May 21, 2007 by Casey Bisson
Categories: Technology. Tags: connection problem, disable selinux, mysql blocked, RedHat 5, SELinux.
3 Comments
Comments RSS
TrackBack Identifier URI
User contributed tags for this post:
selinux centos (252) - deactivate selinux (192) - remove selinux (113) - selinux redhat 5 (93) - uninstall selinux (92) - RedHat SELinux (80) - disable selinux redhat 5 (78) - redhat 5 selinux (77) - redhat 5 disable selinux (76) - redhat 5 firewall (75) - centos selinux (63) - rhel5 disable selinux (61) - SElinux RHEL5 (54) - selinux deactivate (53) - centos remove selinux (45) - SELinux (42) - how to deactivate selinux (39) - disable selinux rhel5 (39) - selinux mysql (38) - rhel5 firewall (36) - selinux uninstall (35) - how to disable selinux in redhat 5 (34) - RHEL 5 firewall (31) - disable selinux redhat (31) - rhel5 selinux (29) - deactivating SELinux (28) - rhel5 disable firewall (28) - centos disable audit (27) - selinux httpd (27) - red hat 5 firewall (26) - red hat 5 disable SELinux (26) - selinux mysqld (26) - wordpress Selinux (25) - RedHat 5 (24) - disable sealert (23) - selinux remove (23) - selinux redhat (19) - How to remove SElinux (19) - disable SELinux firewall (18) - redhat 5 selinux disable (18) - remove selinux centos (18) - uninstall selinux centos (18) - CentOS 5 selinux (17) - redhat disable selinux (17) - centos setroubleshoot (17) - centos deactivate selinux (16) - red hat 5 selinux (15) - selinux firewall (15) - centos disable firewall (15) - disable selinux red hat 5 (14) - disable selinux (14) - mysql selinux (14) - redhat remove selinux (13) - setroubleshoot centos (13) - RHEL 5 disable SELinux (13) - how to uninstall selinux (13) - selinux wordpress (12) - F (12) - centos 5 disable selinux (12) - disable firewall rhel5 (12) - disable selinux in rhel5 (12) - RHEL5 turn off firewall (12) - disable selinux rhel (12) - disable selinux for mysql (11) - firewall redhat 5 (11) - rhel 5 selinux (11) - firewall rhel5 (11) - RHEL5 SElinux disable (11) - centos uninstall selinux (11) - selinux rhel (11) - redhat selinux firewall (10) - selinux centos 5 (10) - how to firewall red hat 5 (9) - selinux httpd mysql (9) - centos 5 firewall (9) - how to disable SElinux redhat 5 (9) - RHEL 5 disable firewall (9) - disable selinux mysql (9) - red hat disable selinux (8) - mysql selinux redhat (8) - how to disable SELinux on redhat 5 (8) - deactivate selinux centos (8) - mysqld selinux (8) - disable selinux on redhat 5 (8) - centos 5 turn off firewall (8) - how to disable selinux in rhel5 (8) - rhel disable selinux (8) - disable audit CentOS (8) - redhat selinux disable (8) - redhat selinux mysql (8) - selinux red hat 5 (7) - selinux disable redhat (7) - redhat 5 turn off selinux (7) - disabel selinux (7) - centos 5 SELinux httpd (7) - SELinux in RHEL5 (7) - how to disable selinux rhel5 (7) - disable rhel5 firewall (7) - selinux on centos (7) - httpd mysql selinux (6) - avc: denied { search } (6) - deactivate selinux redhat (6) - disable selinux mysqld (6) - selinux ports (6) - SELinux deactivation (6) - firewall red hat 5 (6) - disable selinux centos (6) - redhat deactivate selinux (6) - how disable selinux (6) - ?????? ???? (5) - mysql redhat 5 (5) - turn off selinux (5) - red hat 5 setroubleshoot package (5) - selinux redhat 5 disable (5) - redhat selinux httpd (5) - centos 5 disable audit (5) - redhat 5 disable firewall (5) - rhel5 turn off selinux (5) - RHEL5 SELinux Permissive (5) - centos 5 selinux disable (5) - selinux httpd redhat (5) - rhel5 uninstall selinux (5) - disable firewall and SElinux (5) - RHEL 5 turn off firewall (5) - uninstall selinux redhat (5) - rhel5 disable audit (5) - redhat 5 remove SElinux (5) - disable selinux in redhat 5 (5) - disable selinux RHEL 5 (5) - disabling selinux redhat (5) - selinux disable redhat 5 (5) - red hat selinux (5) - deactivate SE Linux (5) - removing selinux centos (5) - ???? ?? (4) - شهوت (4) - cache Jf0O1b4BVFUJ maisonbisson com blog post 10849 IVI (4) - how to disable sealert (4) -
Would still potentially pose the same problems. At least if I am understanding you correctly. SELinux is more like a system firewall rather than a network firewall, so processes are restricted to their permissions, regardless of where the process is being executed. So, httpd was trying to operate outside the boundaries set within SELinux.
At least if I remember correctly. It has been a few years since I have messed with it at all.
sealert is your friend. It goes through the error logs, and tells you what all the selinux alerts and denials mean, and how to fix them.
it’s part of the setroubleshoot package, which should be installed by default.
Simon
[...] » RedHat 5 SELinux Gets In My Way So I (well, Cliffy, Al, and I), took the short cut and set SELINUX=permissive in /etc/sysconfig/selinux (we could have gone with SELINUX=disabled, but this will help us learn…while we watch it fill our log files). (tags: selinux security redhat) [...]